2 matches found
Design/Logic Flaw
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. In TimeTracker before version 1.19.24.5415 tokens used in password reset feature in Time Tracker are based on system time and, therefore, are predictable. This opens a window for brute force attacks to guess...
TimeTracker 安全特征问题漏洞
Anuko TimeTracker is Anuko an open source application . Provides a Web-based open source time tracking application written in PHP. A security vulnerability exists in TimeTracker before version 1.19.24.5415, which stems from the fact that the token used in the password reset feature is based on...